Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/324C4B86F43D11EFB84017B1762E951A.roa
File: 324C4B86F43D11EFB84017B1762E951A.roa (raw, json)
Hash identifier: ru+kOcQDPQ6gvItf9jYD4kiO8PHVESTWgxthMh3yQtY=
Subject key identifier: 16:13:CA:25:29:CB:7E:77:1C:19:D4:E6:18:84:00:C1:E9:04:36:88
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013275
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/324C4B86F43D11EFB84017B1762E951A.roa
Signing time: Wed 26 Feb 2025 12:28:35 +0000
ROA not before: Wed 26 Feb 2025 12:28:31 +0000
ROA not after: Thu 19 Feb 2026 12:28:31 +0000
asID: 984
IP address blocks: 156.252.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78453 (0x13275)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 12:28:31 2025 GMT
Not After : Feb 19 12:28:31 2026 GMT
Subject: CN=67bf08f2-f7ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:1a:41:74:22:3c:a8:bc:ea:aa:cf:18:e5:7f:
92:5b:c8:69:81:b2:ee:67:18:3e:bd:ab:09:39:7b:
07:a5:41:1c:2c:e6:47:e0:96:57:7e:17:74:0b:a9:
0a:ad:4a:2d:a8:be:2b:6c:40:3b:60:2e:9d:55:d6:
fd:4e:46:6f:47:9f:d7:c9:1b:4b:cb:aa:26:80:5b:
10:d1:b6:d2:7f:a9:65:de:26:d5:0e:74:e0:bf:9e:
da:81:04:61:94:a0:0e:19:c7:2f:4a:54:b2:40:5c:
41:7a:c9:8c:0c:5d:3a:c4:7a:84:24:e9:b9:e8:a1:
7c:ab:8b:44:78:7b:d8:c8:f0:6b:83:e5:55:72:04:
55:05:2a:71:31:c2:32:f6:5e:f3:5c:3d:06:b1:20:
17:55:b8:6a:9f:56:2a:e3:54:51:50:c7:45:bb:9c:
e1:b3:97:d6:c0:9f:21:00:9d:4b:70:65:e4:41:6a:
dd:e0:4a:91:84:5d:4d:f7:4d:73:fe:09:1a:f0:cf:
a1:64:ec:41:9d:f5:f4:6e:ec:cb:91:e0:72:ad:b5:
97:2f:09:3f:0f:92:33:17:13:b0:df:95:cd:25:af:
c4:d0:df:ca:77:32:c2:9c:b6:b1:d8:2c:44:7c:77:
94:8b:52:c3:91:4b:5e:00:5e:52:78:ae:09:fb:2c:
6b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:13:CA:25:29:CB:7E:77:1C:19:D4:E6:18:84:00:C1:E9:04:36:88
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/324C4B86F43D11EFB84017B1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.143.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:53:5e:23:fd:70:74:7b:56:a4:9d:9b:f6:2d:e6:96:ab:8f:
45:ea:41:b1:53:e5:4a:4e:44:c2:b7:19:14:c4:12:bb:da:6c:
40:92:6b:53:b2:85:ea:0a:73:5a:56:fc:d4:9d:e3:eb:58:54:
1f:50:1c:9e:65:e5:e6:ce:0c:d3:66:9d:cf:d3:0d:1f:6e:c0:
b7:ba:86:e0:e1:bc:ab:63:a8:95:ce:da:e8:e8:0d:51:31:42:
26:74:64:00:c4:61:2d:c8:9b:46:a7:d3:42:7a:cf:74:99:d9:
f9:1c:49:98:56:a4:ec:71:76:5c:26:1f:a7:e5:17:84:87:ea:
10:ed:21:82:cf:9a:ce:f4:87:f5:3d:c6:3e:1c:72:61:91:00:
24:c3:ff:8a:a5:ac:80:f4:60:58:6a:b3:39:44:a3:d7:1c:f3:
61:47:ff:3f:22:10:43:89:03:7b:f3:36:77:f5:1b:9f:8a:ee:
9e:30:11:42:c4:25:ff:0a:4b:c0:99:20:6b:1f:c5:d5:a8:ff:
9a:63:5c:c6:7c:f6:fc:a0:bd:26:d6:9b:19:40:e7:bf:55:21:
d1:19:e0:9f:c9:ee:75:e7:fe:5a:a0:04:05:43:f2:2a:f8:86:
d1:41:e0:1a:cf:14:d8:3e:ca:b9:69:4f:b3:80:e8:3f:49:f3:
38:00:c0:97
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATJ1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTIyODMxWhcNMjYwMjE5MTIyODMxWjAYMRYw
FAYDVQQDEw02N2JmMDhmMi1mN2NhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5xpBdCI8qLzqqs8Y5X+SW8hpgbLuZxg+vasJOXsHpUEcLOZH4JZXfhd0
C6kKrUotqL4rbEA7YC6dVdb9TkZvR5/XyRtLy6omgFsQ0bbSf6ll3ibVDnTgv57a
gQRhlKAOGccvSlSyQFxBesmMDF06xHqEJOm56KF8q4tEeHvYyPBrg+VVcgRVBSpx
McIy9l7zXD0GsSAXVbhqn1Yq41RRUMdFu5zhs5fWwJ8hAJ1LcGXkQWrd4EqRhF1N
901z/gka8M+hZOxBnfX0buzLkeByrbWXLwk/D5IzFxOw35XNJa/E0N/KdzLCnLax
2CxEfHeUi1LDkUteAF5SeK4J+yxr1QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBYT
yiUpy353HBnU5hiEAMHpBDaIMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMjRDNEI4NkY0M0QxMUVGQjg0MDE3QjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPyPMA0GCSqGSIb3DQEBCwUA
A4IBAQCpU14j/XB0e1aknZv2LeaWq49F6kGxU+VKTkTCtxkUxBK72mxAkmtTsoXq
CnNaVvzUnePrWFQfUByeZeXmzgzTZp3P0w0fbsC3uobg4byrY6iVztro6A1RMUIm
dGQAxGEtyJtGp9NCes90mdn5HEmYVqTscXZcJh+n5ReEh+oQ7SGCz5rO9If1PcY+
HHJhkQAkw/+KpayA9GBYarM5RKPXHPNhR/8/IhBDiQN78zZ39Rufiu6eMBFCxCX/
CkvAmSBrH8XVqP+aY1zGfPb8oL0m1psZQOe/VSHRGeCfye515/5aoAQFQ/Iq+IbR
QeAazxTYPsq5aU+zgOg/SfM4AMCX
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:30:50 2025 by rpki-client